× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: bb97389dc6412afe203995429fbb0e23f2f5a850c6f580136aa61b6fd71f1eb3
File name: 01B13E4A7EE56164D7E372040192E032
Detection ratio: 37 / 42
Analysis date: 2012-06-09 07:12:27 UTC ( 6 years, 3 months ago )
Antivirus Result Update
AhnLab-V3 Win32/Koobface.worm.33280.AA 20120608
AntiVir Worm/Koobface.bgc 20120608
Avast Win32:Konar-B [Trj] 20120608
AVG Win32/Heri 20120609
BitDefender Win32.Worm.Koobface.AOI 20120609
ByteHero Virus.Win32.Heur.e 20120531
Commtouch W32/Worm.BKSX 20120609
Comodo Worm.Win32.Koobface.cvt 20120609
DrWeb Win32.HLLW.Facebook.358 20120609
Emsisoft Worm.Koobface!IK 20120609
F-Prot W32/Worm.BKSX 20120608
F-Secure Win32.Worm.Koobface.AOI 20120609
Fortinet W32/Kryptik.L!worm 20120609
GData Win32.Worm.Koobface.AOI 20120609
Ikarus Worm.Koobface 20120609
Jiangmin Worm/Koobface.akm 20120609
K7AntiVirus NetWorm 20120608
Kaspersky Net-Worm.Win32.Koobface.cvt 20120609
McAfee W32/Koobface.worm.gen.y 20120609
McAfee-GW-Edition W32/Koobface.worm.gen.y 20120609
Microsoft Worm:Win32/Koobface.gen!D 20120607
NOD32 a variant of Win32/Kryptik.BVB 20120608
Norman W32/Obfuscated.DO!genr 20120607
nProtect Worm/W32.Koobface.33280.D 20120608
Panda W32/Koobface.HN.worm 20120608
PCTools Net-Worm.Koobface.B!rem 20120609
Rising Trojan.Win32.Generic.11EE272F 20120608
Sophos AV Mal/EncPk-LW 20120609
Symantec W32.Koobface.D 20120609
TheHacker W32/Koobface.cvt 20120608
TotalDefense Win32/Koobface.B!generic 20120608
TrendMicro WORM_PKOOBF.SMC 20120609
TrendMicro-HouseCall WORM_PKOOBF.SMC 20120608
VBA32 Malware-Cryptor.Win32.General.4.1 20120608
VIPRE Worm.Win32.Koobface.Gen.3 (v) 20120609
ViRobot Worm.Win32.S.Net-Koobface.33280.L 20120609
VirusBuster Worm.Koobface!xQ131oEJWIQ 20120608
Antiy-AVL 20120609
CAT-QuickHeal 20120608
ClamAV 20120609
eSafe 20120607
SUPERAntiSpyware 20120609
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2005

Publisher Hewlett-Packard
Product HP Installer
Original name HPZtim01.EXE
Internal name HP Installer Time Plug In
File version 7,0,0,71
Description HP Installer Time Plug-In
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-10-14 13:21:18
Entry Point 0x0000104B
Number of sections 4
PE sections
PE imports
LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
InitCommonControls
GetOpenFileNameA
CommandLineToArgvW
EndDialog
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2004:10:14 15:21:18+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
3072

LinkerVersion
5.4

EntryPoint
0x104b

InitializedDataSize
3072

SubsystemVersion
4.0

ImageVersion
5.1

OSVersion
4.0

UninitializedDataSize
23040

File identification
MD5 01b13e4a7ee56164d7e372040192e032
SHA1 705dd5786f9452ad633106657422b4f81f32938a
SHA256 bb97389dc6412afe203995429fbb0e23f2f5a850c6f580136aa61b6fd71f1eb3
ssdeep
384:JUyams1aggKG9Gik7DC9FK5ONZ7DIyXZWkHDBF1LH72pbXBjn/OlJWGgfIeqHDSO:m/lwTKRi99U5y5cKZP2tRjWlJWGFSum

File size 32.5 KB ( 33280 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-01-15 09:40:34 UTC ( 8 years, 8 months ago )
Last submission 2012-06-09 07:12:27 UTC ( 6 years, 3 months ago )
File names 01B13E4A7EE56164D7E372040192E032
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!